Diligent Corporation and Steele Compliance Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating Diligent Corporation and its subsidiary, Steele Compliance, regarding its recent data breach. The Diligent Corporation/Steele Compliance data breach involved sensitive personal identifiable information belonging to over 1,100 individuals.


Diligent Compliance is a software as a service company that specializes in governance software, board portal solutions, and other entity management products. In February 2021, Diligent Corporation acquired San Francisco-based Steele Compliance, a software company that offers ethics and compliance management to its customers. Diligent Corporation partners with various organizations, including the University of Colorado Hospital Authority (UCHealth), to provide business operations tools. Headquartered in New York, New York, Diligent Corporation has offices across the world, including in Washington, D.C., London, Munich, Budapest, and Hong Kong. Founded in 1994, Diligent Corporation generates over $450 million in annual revenue and employs over 1,500 individuals.


On or about May 23, 2022, Diligent Corporation discovered that it had experienced a data breach in which the sensitive personal identifiable information in the Steele Compliance system may have been accessed and acquired. Through its investigation, Diligent Corporation determined that an unauthorized actor accessed and acquired this sensitive information between May 21 and May 24, 2022. On June 22, 2022, Diligent Corporation began notifying individuals whose information may have been impacted. On February 1, 2023, Diligent Corporation filed additional data breach notifications with various state governments signifying that more individuals needed notification that their personal identifiable information may have been impacted. The type of information exposed includes:

  • Name
  • Social Security number
  • Human Resources records
  • Email address
  • Mailing address

If you received a breach notification letter from Diligent Corporation:

We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at (608) 237-1775 or sam@turkestrauss.com.

If you were impacted by the Diligent Corporation data breach, you may consider taking the following steps to protect your personal information.

  1. Carefully review the breach notice and retain a copy;
  2. Enroll in any free credit monitoring services provided by Diligent Corporation;
  3. Change passwords and security questions for online accounts;
  4. Regularly review account statements for signs of fraud or unauthorized activity;
  5. Monitor credit reports for signs of identity theft; and
  6. Contact a credit bureau(s) to request a temporary fraud alert.

Share This Post: